Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/538F7B12B1D711EBB3C0A24AC4F9AE02.roa
File: 538F7B12B1D711EBB3C0A24AC4F9AE02.roa (raw, json)
Hash identifier: VriM0YGDOfhzo18xUQqToLLJGd+19KKo1Yju23Rp1tg=
Subject key identifier: DF:62:1F:83:D2:F0:42:78:97:D4:C4:33:32:47:4D:02:EB:76:66:04
Certificate issuer: /CN=A91B1FA8/serialNumber=1C4E9F3F800505A40BA165B6C020405A22C64B3B
Certificate serial: 133E
Authority key identifier: 1C:4E:9F:3F:80:05:05:A4:0B:A1:65:B6:C0:20:40:5A:22:C6:4B:3B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HE6fP4AFBaQLoWW2wCBAWiLGSzs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/538F7B12B1D711EBB3C0A24AC4F9AE02.roa
Signing time: Tue 04 Mar 2025 17:44:59 +0000
ROA not before: Tue 04 Mar 2025 17:44:59 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 4764
IP address blocks: 61.245.128.0/19 maxlen: 24
103.94.48.0/22 maxlen: 24
119.18.0.0/19 maxlen: 24
119.18.32.0/21 maxlen: 24
120.88.112.0/20 maxlen: 24
121.200.0.0/19 maxlen: 24
123.253.148.0/22 maxlen: 23
123.253.148.0/24 maxlen: 24
123.253.149.0/24 maxlen: 24
123.253.150.0/24 maxlen: 24
180.150.0.0/17 maxlen: 24
180.181.192.0/18 maxlen: 22
202.90.240.0/21 maxlen: 24
202.142.128.0/20 maxlen: 24
203.129.16.0/20 maxlen: 24
2403:5800::/27 maxlen: 27
2403:5800::/28 maxlen: 28
2403:5800::/32 maxlen: 36
2403:5800:1::/48 maxlen: 48
2403:5800:3::/48 maxlen: 48
2403:5800:5::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4926 (0x133e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B1FA8
Validity
Not Before: Mar 4 17:44:59 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67c73c1b-38b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ca:6a:81:fb:f2:16:ce:1c:67:16:43:f3:4b:
9d:4a:3f:a9:08:dd:31:10:d4:69:a7:a0:d8:39:b2:
c1:0b:57:96:d0:1a:fd:fc:5d:69:8b:da:41:5a:ba:
88:85:14:8a:c0:22:1b:5e:9f:3a:50:48:ee:e7:72:
9a:63:f7:6d:e8:21:d4:01:ca:51:6e:ca:02:e6:56:
df:ac:b9:d8:aa:57:42:e8:e8:15:9e:a3:6c:b6:40:
88:9d:19:09:47:89:98:04:b5:f5:d4:56:bb:b7:d8:
47:e5:8e:7c:cd:1c:f8:db:e2:67:12:08:ba:89:f7:
b4:ef:d8:47:c8:7a:79:bc:6c:7a:d6:4a:4c:a3:ce:
89:4c:06:52:39:c2:cd:25:05:58:ae:ff:d0:66:75:
3c:a1:9f:f3:ed:7c:c5:04:df:71:c9:1f:c5:d3:6a:
c1:ec:61:d5:d6:62:ba:7f:b4:95:ba:18:a8:b7:88:
14:34:b9:8c:49:a3:f0:d1:6f:79:be:25:a2:a5:03:
0f:e4:2d:74:f5:ca:76:2a:32:41:51:88:93:1b:be:
3e:17:81:ab:1e:25:bc:58:cc:20:62:73:33:ab:31:
87:5b:cf:8b:9c:d8:24:2f:14:b3:40:2b:af:a4:b6:
24:6e:27:c4:cd:6c:98:40:67:2f:3a:cd:d7:3f:8b:
de:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:62:1F:83:D2:F0:42:78:97:D4:C4:33:32:47:4D:02:EB:76:66:04
X509v3 Authority Key Identifier:
keyid:1C:4E:9F:3F:80:05:05:A4:0B:A1:65:B6:C0:20:40:5A:22:C6:4B:3B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HE6fP4AFBaQLoWW2wCBAWiLGSzs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/538F7B12B1D711EBB3C0A24AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.245.128.0/19
103.94.48.0/22
119.18.0.0-119.18.39.255
120.88.112.0/20
121.200.0.0/19
123.253.148.0/22
180.150.0.0/17
180.181.192.0/18
202.90.240.0/21
202.142.128.0/20
203.129.16.0/20
IPv6:
2403:5800::/27
Signature Algorithm: sha256WithRSAEncryption
9e:d0:66:53:eb:f8:0d:aa:50:98:09:cf:be:33:05:20:31:16:
91:5a:8e:f2:30:f7:6c:c8:c6:0c:c0:5b:74:33:bd:45:04:3c:
9a:27:62:8a:da:fc:77:7b:8f:60:cb:64:e1:3e:7b:71:cd:87:
5a:99:b8:5e:3b:43:13:a0:c7:ae:7a:7e:bc:af:e6:94:18:ec:
bd:10:76:ef:35:74:67:df:23:01:e3:6b:60:96:ac:e6:8d:35:
48:44:3d:e1:4b:df:4d:d9:20:4a:3e:d7:e2:75:4f:08:61:5b:
ca:df:73:4c:0c:db:94:08:52:47:d1:b3:60:a0:a3:a6:5c:c7:
37:50:9d:a5:62:91:87:69:0b:dd:9f:a1:78:95:82:f2:87:e8:
49:e8:17:f6:41:ff:38:e8:56:eb:70:f0:b3:76:95:c3:0c:3c:
04:07:5c:0e:ec:17:a7:ff:23:62:cd:8b:7b:aa:7a:2f:01:dc:
79:1e:7a:9a:ff:00:9e:de:ef:5a:0f:69:06:38:31:07:f7:2e:
2e:a2:3e:0d:a6:99:ac:21:9a:f9:c8:ce:70:0d:de:19:9e:43:
8c:13:89:39:32:5d:05:8a:ac:bc:e6:03:a0:98:d6:61:1c:c8:
31:40:6f:3b:1f:5c:0d:97:8f:37:4c:6f:59:dc:37:6e:f5:cc:
a5:a2:db:9e
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgICEz4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjFGQTgxMTAvBgNVBAUTKDFDNEU5RjNGODAwNTA1QTQwQkExNjVCNkMwMjA0MDVB
MjJDNjRCM0IwHhcNMjUwMzA0MTc0NDU5WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M3M2MxYi0zOGIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAucpqgfvyFs4cZxZD80udSj+pCN0xENRpp6DYObLBC1eW0Br9/F1pi9pBWrqI
hRSKwCIbXp86UEju53KaY/dt6CHUAcpRbsoC5lbfrLnYqldC6OgVnqNstkCInRkJ
R4mYBLX11Fa7t9hH5Y58zRz42+JnEgi6ife079hHyHp5vGx61kpMo86JTAZSOcLN
JQVYrv/QZnU8oZ/z7XzFBN9xyR/F02rB7GHV1mK6f7SVuhiot4gUNLmMSaPw0W95
viWipQMP5C109cp2KjJBUYiTG74+F4GrHiW8WMwgYnMzqzGHW8+LnNgkLxSzQCuv
pLYkbifEzWyYQGcvOs3XP4veHQIDAQABo4IC5zCCAuMwHQYDVR0OBBYEFN9iH4PS
8EJ4l9TEMzJHTQLrdmYEMB8GA1UdIwQYMBaAFBxOnz+ABQWkC6FltsAgQFoixks7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMUZBOC9FODYxRkQzQUFG
RDkxMUU4QjJFRDRDN0ZDNEY5QUUwMi9IRTZmUDRBRkJhUUxvV1cyd0NCQVdpTEdT
enMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hFNmZQNEFGQmFRTG9XVzJ3Q0JBV2lMR1N6cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjFGQTgvRTg2MUZEM0FBRkQ5MTFFOEIyRUQ0QzdGQzRGOUFFMDIvNTM4RjdCMTJC
MUQ3MTFFQkIzQzBBMjRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcQYIKwYBBQUHAQcBAf8E
YjBgME8EAgABMEkDBAU99YADBAJnXjAwCwMDAXcSAwQDdxIgAwQEeFhwAwQFecgA
AwQCe/2UAwQHtJYAAwQGtLXAAwQDylrwAwQEyo6AAwQEy4EQMA0EAgACMAcDBQUk
A1gAMA0GCSqGSIb3DQEBCwUAA4IBAQCe0GZT6/gNqlCYCc++MwUgMRaRWo7yMPds
yMYMwFt0M71FBDyaJ2KK2vx3e49gy2ThPntxzYdambheO0MToMeuen68r+aUGOy9
EHbvNXRn3yMB42tglqzmjTVIRD3hS99N2SBKPtfidU8IYVvK33NMDNuUCFJH0bNg
oKOmXMc3UJ2lYpGHaQvdn6F4lYLyh+hJ6Bf2Qf846FbrcPCzdpXDDDwEB1wO7Ben
/yNizYt7qnovAdx5Hnqa/wCe3u9aD2kGODEH9y4uoj4NppmsIZr5yM5wDd4ZnkOM
E4k5Ml0Fiqy85gOgmNZhHMgxQG87H1wNl483TG9Z3Ddu9cylotue
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:26:14 2025 by rpki-client